With the dawn of the virtual server environment over the last number of years, organizations have realized benefits, such as reduced complexity and cost, to procure as well as a decrease in resources required for implementing and managing servers. One of the greatest benefits of a virtualization implementation is the ability to quickly and easily provision new virtual machines. However, with great ease and speed comes a challenge: If you make it easy for anyone to create a virtual machine for any purpose, you will soon run into virtual machine (VM) sprawl.
Defining VM sprawl
Virtual machine sprawl occurs when an organization has an over proliferation of virtual machines that drain resources and leads to all sorts of inefficiencies, including cost, people, support, etc. Just because virtual machines do not have a physical presence doesn’t mean there are no associated costs; every virtual machine has as resource cost, including storage space and processing power. In addition to the cost-related issues, you can also run into problems with a lack of visibility into the environment, where you have rogue virtual machines that may contain critical data subject to key regulations, including Sarbanes Oxley, HIPAA, PCI DSS and GLBA. All of these regulations come with penalties related to protecting sensitive data and require oversight to establish and maintain compliance.
At first, an organization rarely sees the warning signs of VM sprawl. It’s really not noticeable as a problem until an organization runs out of resources.
How to avoid VM sprawl
Like many challenges the IT organization faces, the solution to this problem is primarily a policy and procedure solution, not a technology solution. That is not to say technology cannot help; it can. However, companies first and foremost must have strong polices in place to dictate who can create a virtual machine and for what reasons.
Another key step for avoiding VM sprawl is looking at how “best in class” companies manage the world of physical servers. These companies implement key controls and process for computing resources throughout the implementation and management of the server. These processes and controls need to be implemented in a virtual world as well. Can they be streamlined for efficiencies? Sure, but that needs to be balanced with the right visibility into all aspects, including budgeting and allocation of resources, to current capacity. Once the business need for new VMs is established, enforcement of a management process around the virtual infrastructure helps ensure the virtual machines are well managed. Making sure you track and manage all your deployed systems should help you keep sprawl under control.
Use technology to keep an inventory
One of the main responsibilities for the system administrator is to keep an inventory of current servers. This has been primarily a manual process over the years, which in the physical world has been somewhat manageable. However, the challenge now in the virtual world is the dynamic nature of the environment and the speed at which machines get provisioned. This makes the manual process, in many cases, obsolete.
This is where technology can lend a hand. There are many tools the virtual machine vendors are offering with their products to help enforce virtual machine provisioning policies and keep track of the virtual machines and their resource usage. These tools are now called virtualization lifecycle management tools. A key thing to bear in mind with any tool is “garbage in, garbage out.” You need to ensure you have the right policies and procedure in place prior to implementing the tools. Otherwise, the value they will provide you in helping to reduce virtual machine sprawl will be severely limited.
About the author:
Robbie Higgins is vice president of security services at GlassHouse Technologies.